You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2004/08/28 02:42:26 UTC

DO NOT REPLY [Bug 30909] New: - sporadic segfault resulting in broken connections

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=30909>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30909

sporadic segfault resulting in broken connections

           Summary: sporadic segfault resulting in broken connections
           Product: Apache httpd-1.3
           Version: HEAD
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: mod_rewrite
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: wes@sagesecure.com


Starting in 1.3.29, and affecting all current versions (including 2.x), Apache
segfaults sporadically. My best guess after some experimenting is that the bug
is related to the security fix done to mod rewrite in that version (the regexp
fix). The bug happens when apache suddenly is hit with a large number of page
requests that all require mod rewrite to do its thing. 

I notice this because I heavily use mod-rewrite to make dynamic script requests
appear to be static page urls.

The following rules cause the segfaults:

RewriteEngine on
RewriteCond %{REQUEST_URI} !/$
RewriteCond %{REQUEST_FILENAME}/script.php -f
RewriteRule ^.*$ %{REQUEST_URI}/ [R,L]
RewriteRule !^/*static|forums|cgi-bin(.*) script.php$1 [T=application/x-httpd-php]


I have had no problems prior to 1.3.29. This problem also affects the 2.0
series, which leads me to belive that it is the result of a security fix applied
to both builds... the problem also does not occur when mod-rewrite is not being
used (meaning, the problem is unrelated to PHP or my PHP app).

Further notes:

This bug is platform independent (has been reproduced on Linux and OpenBSD)
using Apache built with PHP versions 4.3.4 and 4.3.8. The bug can be reproduced
in Apache 2.0.50 and 1.3.29, 30, 31.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org